awsx.ec2.Vpc
Explore with Pulumi AI
The VPC component provides a VPC with configured subnets and NAT gateways.
Subnet Layout Strategies
If no subnet arguments are passed, then a public and private subnet will be created in each AZ with default sizing. The layout of these subnets can be customised by specifying additional arguments.
All strategies are designed to help build a uniform layout of subnets each each availability zone.
If no strategy is specified, “Legacy” will be used for backward compatibility reasons. In the next major version this will change to defaulting to “Auto”.
Auto
The “Auto” strategy divides the VPC space evenly between the availability zones. Within each availability zone it allocates each subnet in the order they were specified. If a CIDR mask or size was not specified it will default to an even division of the availability zone range. If subnets have different sizes, spaces will be automatically added to ensure subnets don’t overlap (e.g. where a previous subnet is smaller than the next).
Exact
The “Exact” strategy is the same as “Auto” with the additional requirement to explicitly specify what the whole of each zone’s range will be used for. Where you expect to have a gap between or after subnets, these must be passed using the subnet specification type “Unused” to show all space has been properly accounted for.
Explicit CIDR Blocks
If you prefer to do your CIDR block calculations yourself, you can specify a list of CIDR blocks for each subnet spec which it will be allocated for in each availability zone. If using explicit layouts, all subnet specs must be declared with explicit CIDR blocks. Each list of CIDR blocks must have the same length as the number of availability zones for the VPC.
Legacy
The “Legacy” works similarly to the “Auto” strategy except that within each availability zone it allocates the private subnet first, followed by the public subnets, and lastly the isolated subnets. The order of subnet specifications of the same type can be changed, but the ordering of private, public, isolated is not overridable. For more flexibility we recommend moving to the “Auto” strategy. The output property subnetLayout
shows the configuration required if specifying the “Auto” strategy to maintain the current layout.
Example Usage
Basic usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Awsx = Pulumi.Awsx;
return await Deployment.RunAsync(() =>
{
var vpc = new Awsx.Ec2.Vpc("vpc");
return new Dictionary<string, object?>
{
["vpcId"] = vpc.VpcId,
["vpcPrivateSubnetIds"] = vpc.PrivateSubnetIds,
["vpcPublicSubnetIds"] = vpc.PublicSubnetIds,
};
});
package main
import (
"github.com/pulumi/pulumi-awsx/sdk/v2/go/awsx/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
vpc, err := ec2.NewVpc(ctx, "vpc", nil)
if err != nil {
return err
}
ctx.Export("vpcId", vpc.VpcId)
ctx.Export("vpcPrivateSubnetIds", vpc.PrivateSubnetIds)
ctx.Export("vpcPublicSubnetIds", vpc.PublicSubnetIds)
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.awsx.ec2.Vpc;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var vpc = new Vpc("vpc");
ctx.export("vpcId", vpc.vpcId());
ctx.export("vpcPrivateSubnetIds", vpc.privateSubnetIds());
ctx.export("vpcPublicSubnetIds", vpc.publicSubnetIds());
}
}
import pulumi
import pulumi_awsx as awsx
vpc = awsx.ec2.Vpc("vpc")
pulumi.export("vpcId", vpc.vpc_id)
pulumi.export("vpcPrivateSubnetIds", vpc.private_subnet_ids)
pulumi.export("vpcPublicSubnetIds", vpc.public_subnet_ids)
import * as pulumi from "@pulumi/pulumi";
import * as awsx from "@pulumi/awsx";
const vpc = new awsx.ec2.Vpc("vpc", {});
export const vpcId = vpc.vpcId;
export const vpcPrivateSubnetIds = vpc.privateSubnetIds;
export const vpcPublicSubnetIds = vpc.publicSubnetIds;
resources:
vpc:
type: awsx:ec2:Vpc
outputs:
vpcId: ${vpc.vpcId}
vpcPrivateSubnetIds: ${vpc.privateSubnetIds}
vpcPublicSubnetIds: ${vpc.publicSubnetIds}
Create Vpc Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Vpc(name: string, args?: VpcArgs, opts?: ComponentResourceOptions);
@overload
def Vpc(resource_name: str,
args: Optional[VpcArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Vpc(resource_name: str,
opts: Optional[ResourceOptions] = None,
assign_generated_ipv6_cidr_block: Optional[bool] = None,
availability_zone_cidr_mask: Optional[int] = None,
availability_zone_names: Optional[Sequence[str]] = None,
cidr_block: Optional[str] = None,
enable_dns_hostnames: Optional[bool] = None,
enable_dns_support: Optional[bool] = None,
enable_network_address_usage_metrics: Optional[bool] = None,
instance_tenancy: Optional[str] = None,
ipv4_ipam_pool_id: Optional[str] = None,
ipv4_netmask_length: Optional[int] = None,
ipv6_cidr_block: Optional[str] = None,
ipv6_cidr_block_network_border_group: Optional[str] = None,
ipv6_ipam_pool_id: Optional[str] = None,
ipv6_netmask_length: Optional[int] = None,
nat_gateways: Optional[NatGatewayConfigurationArgs] = None,
number_of_availability_zones: Optional[int] = None,
subnet_specs: Optional[Sequence[SubnetSpecArgs]] = None,
subnet_strategy: Optional[SubnetAllocationStrategy] = None,
tags: Optional[Mapping[str, str]] = None,
vpc_endpoint_specs: Optional[Sequence[VpcEndpointSpecArgs]] = None)
func NewVpc(ctx *Context, name string, args *VpcArgs, opts ...ResourceOption) (*Vpc, error)
public Vpc(string name, VpcArgs? args = null, ComponentResourceOptions? opts = null)
type: awsx:ec2:Vpc
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args VpcArgs
- The arguments to resource properties.
- opts ComponentResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args VpcArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args VpcArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args VpcArgs
- The arguments to resource properties.
- opts ComponentResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args VpcArgs
- The arguments to resource properties.
- options ComponentResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vpcResource = new Awsx.Ec2.Vpc("vpcResource", new()
{
AssignGeneratedIpv6CidrBlock = false,
AvailabilityZoneCidrMask = 0,
AvailabilityZoneNames = new()
{
"string",
},
CidrBlock = "string",
EnableDnsHostnames = false,
EnableDnsSupport = false,
EnableNetworkAddressUsageMetrics = false,
InstanceTenancy = "string",
Ipv4IpamPoolId = "string",
Ipv4NetmaskLength = 0,
Ipv6CidrBlock = "string",
Ipv6CidrBlockNetworkBorderGroup = "string",
Ipv6IpamPoolId = "string",
Ipv6NetmaskLength = 0,
NatGateways = new Awsx.Ec2.Inputs.NatGatewayConfigurationArgs
{
Strategy = Awsx.Ec2.NatGatewayStrategy.None,
ElasticIpAllocationIds = new()
{
"string",
},
},
NumberOfAvailabilityZones = 0,
SubnetSpecs = new()
{
new Awsx.Ec2.Inputs.SubnetSpecArgs
{
Type = Awsx.Ec2.SubnetType.Public,
CidrBlocks = new()
{
"string",
},
CidrMask = 0,
Name = "string",
Size = 0,
Tags =
{
{ "string", "string" },
},
},
},
SubnetStrategy = Awsx.Ec2.SubnetAllocationStrategy.Legacy,
Tags =
{
{ "string", "string" },
},
VpcEndpointSpecs = new()
{
new Awsx.Ec2.Inputs.VpcEndpointSpecArgs
{
ServiceName = "string",
AutoAccept = false,
DnsOptions = new Aws.Ec2.Inputs.VpcEndpointDnsOptionsArgs
{
DnsRecordIpType = "string",
PrivateDnsOnlyForInboundResolverEndpoint = false,
},
IpAddressType = "string",
Policy = "string",
PrivateDnsEnabled = false,
RouteTableIds = new()
{
"string",
},
SecurityGroupIds = new()
{
"string",
},
SubnetConfigurations = new()
{
new Aws.Ec2.Inputs.VpcEndpointSubnetConfigurationArgs
{
Ipv4 = "string",
Ipv6 = "string",
SubnetId = "string",
},
},
SubnetIds = new()
{
"string",
},
Tags =
{
{ "string", "string" },
},
VpcEndpointType = "string",
},
},
});
example, err := ec2.NewVpc(ctx, "vpcResource", &ec2.VpcArgs{
AssignGeneratedIpv6CidrBlock: pulumi.Bool(false),
AvailabilityZoneCidrMask: 0,
AvailabilityZoneNames: []string{
"string",
},
CidrBlock: "string",
EnableDnsHostnames: pulumi.Bool(false),
EnableDnsSupport: pulumi.Bool(false),
EnableNetworkAddressUsageMetrics: pulumi.Bool(false),
InstanceTenancy: pulumi.String("string"),
Ipv4IpamPoolId: pulumi.String("string"),
Ipv4NetmaskLength: pulumi.Int(0),
Ipv6CidrBlock: pulumi.String("string"),
Ipv6CidrBlockNetworkBorderGroup: pulumi.String("string"),
Ipv6IpamPoolId: pulumi.String("string"),
Ipv6NetmaskLength: pulumi.Int(0),
NatGateways: &ec2.NatGatewayConfigurationArgs{
Strategy: ec2.NatGatewayStrategyNone,
ElasticIpAllocationIds: []pulumi.String{
pulumi.String("string"),
},
},
NumberOfAvailabilityZones: 0,
SubnetSpecs: []ec2.SubnetSpecArgs{
{
Type: ec2.SubnetTypePublic,
CidrBlocks: []string{
"string",
},
CidrMask: 0,
Name: "string",
Size: 0,
Tags: {
"string": pulumi.String("string"),
},
},
},
SubnetStrategy: ec2.SubnetAllocationStrategyLegacy,
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
VpcEndpointSpecs: []ec2.VpcEndpointSpecArgs{
{
ServiceName: "string",
AutoAccept: false,
DnsOptions: {
DnsRecordIpType: pulumi.String("string"),
PrivateDnsOnlyForInboundResolverEndpoint: pulumi.Bool(false),
},
IpAddressType: pulumi.String("string"),
Policy: pulumi.String("string"),
PrivateDnsEnabled: false,
RouteTableIds: pulumi.StringArray{
pulumi.String("string"),
},
SecurityGroupIds: pulumi.StringArray{
pulumi.String("string"),
},
SubnetConfigurations: ec2.VpcEndpointSubnetConfigurationArray{
{
Ipv4: pulumi.String("string"),
Ipv6: pulumi.String("string"),
SubnetId: pulumi.String("string"),
},
},
SubnetIds: pulumi.StringArray{
pulumi.String("string"),
},
Tags: {
"string": pulumi.String("string"),
},
VpcEndpointType: pulumi.String("string"),
},
},
})
var vpcResource = new Vpc("vpcResource", VpcArgs.builder()
.assignGeneratedIpv6CidrBlock(false)
.availabilityZoneCidrMask(0)
.availabilityZoneNames("string")
.cidrBlock("string")
.enableDnsHostnames(false)
.enableDnsSupport(false)
.enableNetworkAddressUsageMetrics(false)
.instanceTenancy("string")
.ipv4IpamPoolId("string")
.ipv4NetmaskLength(0)
.ipv6CidrBlock("string")
.ipv6CidrBlockNetworkBorderGroup("string")
.ipv6IpamPoolId("string")
.ipv6NetmaskLength(0)
.natGateways(NatGatewayConfigurationArgs.builder()
.strategy("None")
.elasticIpAllocationIds("string")
.build())
.numberOfAvailabilityZones(0)
.subnetSpecs(SubnetSpecArgs.builder()
.type("Public")
.cidrBlocks("string")
.cidrMask(0)
.name("string")
.size(0)
.tags(Map.of("string", "string"))
.build())
.subnetStrategy("Legacy")
.tags(Map.of("string", "string"))
.vpcEndpointSpecs(VpcEndpointSpecArgs.builder()
.serviceName("string")
.autoAccept(false)
.dnsOptions(VpcEndpointDnsOptionsArgs.builder()
.dnsRecordIpType("string")
.privateDnsOnlyForInboundResolverEndpoint(false)
.build())
.ipAddressType("string")
.policy("string")
.privateDnsEnabled(false)
.routeTableIds("string")
.securityGroupIds("string")
.subnetConfigurations(VpcEndpointSubnetConfigurationArgs.builder()
.ipv4("string")
.ipv6("string")
.subnetId("string")
.build())
.subnetIds("string")
.tags(Map.of("string", "string"))
.vpcEndpointType("string")
.build())
.build());
vpc_resource = awsx.ec2.Vpc("vpcResource",
assign_generated_ipv6_cidr_block=False,
availability_zone_cidr_mask=0,
availability_zone_names=["string"],
cidr_block="string",
enable_dns_hostnames=False,
enable_dns_support=False,
enable_network_address_usage_metrics=False,
instance_tenancy="string",
ipv4_ipam_pool_id="string",
ipv4_netmask_length=0,
ipv6_cidr_block="string",
ipv6_cidr_block_network_border_group="string",
ipv6_ipam_pool_id="string",
ipv6_netmask_length=0,
nat_gateways={
"strategy": awsx.ec2.NatGatewayStrategy.NONE,
"elastic_ip_allocation_ids": ["string"],
},
number_of_availability_zones=0,
subnet_specs=[{
"type": awsx.ec2.SubnetType.PUBLIC,
"cidr_blocks": ["string"],
"cidr_mask": 0,
"name": "string",
"size": 0,
"tags": {
"string": "string",
},
}],
subnet_strategy=awsx.ec2.SubnetAllocationStrategy.LEGACY,
tags={
"string": "string",
},
vpc_endpoint_specs=[{
"service_name": "string",
"auto_accept": False,
"dns_options": {
"dns_record_ip_type": "string",
"private_dns_only_for_inbound_resolver_endpoint": False,
},
"ip_address_type": "string",
"policy": "string",
"private_dns_enabled": False,
"route_table_ids": ["string"],
"security_group_ids": ["string"],
"subnet_configurations": [{
"ipv4": "string",
"ipv6": "string",
"subnet_id": "string",
}],
"subnet_ids": ["string"],
"tags": {
"string": "string",
},
"vpc_endpoint_type": "string",
}])
const vpcResource = new awsx.ec2.Vpc("vpcResource", {
assignGeneratedIpv6CidrBlock: false,
availabilityZoneCidrMask: 0,
availabilityZoneNames: ["string"],
cidrBlock: "string",
enableDnsHostnames: false,
enableDnsSupport: false,
enableNetworkAddressUsageMetrics: false,
instanceTenancy: "string",
ipv4IpamPoolId: "string",
ipv4NetmaskLength: 0,
ipv6CidrBlock: "string",
ipv6CidrBlockNetworkBorderGroup: "string",
ipv6IpamPoolId: "string",
ipv6NetmaskLength: 0,
natGateways: {
strategy: awsx.ec2.NatGatewayStrategy.None,
elasticIpAllocationIds: ["string"],
},
numberOfAvailabilityZones: 0,
subnetSpecs: [{
type: awsx.ec2.SubnetType.Public,
cidrBlocks: ["string"],
cidrMask: 0,
name: "string",
size: 0,
tags: {
string: "string",
},
}],
subnetStrategy: awsx.ec2.SubnetAllocationStrategy.Legacy,
tags: {
string: "string",
},
vpcEndpointSpecs: [{
serviceName: "string",
autoAccept: false,
dnsOptions: {
dnsRecordIpType: "string",
privateDnsOnlyForInboundResolverEndpoint: false,
},
ipAddressType: "string",
policy: "string",
privateDnsEnabled: false,
routeTableIds: ["string"],
securityGroupIds: ["string"],
subnetConfigurations: [{
ipv4: "string",
ipv6: "string",
subnetId: "string",
}],
subnetIds: ["string"],
tags: {
string: "string",
},
vpcEndpointType: "string",
}],
});
type: awsx:ec2:Vpc
properties:
assignGeneratedIpv6CidrBlock: false
availabilityZoneCidrMask: 0
availabilityZoneNames:
- string
cidrBlock: string
enableDnsHostnames: false
enableDnsSupport: false
enableNetworkAddressUsageMetrics: false
instanceTenancy: string
ipv4IpamPoolId: string
ipv4NetmaskLength: 0
ipv6CidrBlock: string
ipv6CidrBlockNetworkBorderGroup: string
ipv6IpamPoolId: string
ipv6NetmaskLength: 0
natGateways:
elasticIpAllocationIds:
- string
strategy: None
numberOfAvailabilityZones: 0
subnetSpecs:
- cidrBlocks:
- string
cidrMask: 0
name: string
size: 0
tags:
string: string
type: Public
subnetStrategy: Legacy
tags:
string: string
vpcEndpointSpecs:
- autoAccept: false
dnsOptions:
dnsRecordIpType: string
privateDnsOnlyForInboundResolverEndpoint: false
ipAddressType: string
policy: string
privateDnsEnabled: false
routeTableIds:
- string
securityGroupIds:
- string
serviceName: string
subnetConfigurations:
- ipv4: string
ipv6: string
subnetId: string
subnetIds:
- string
tags:
string: string
vpcEndpointType: string
Vpc Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Vpc resource accepts the following input properties:
- Assign
Generated boolIpv6Cidr Block - Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is
false
. Conflicts withipv6_ipam_pool_id
- Availability
Zone intCidr Mask - The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
- Availability
Zone List<string>Names - A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- Cidr
Block string - The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
- Enable
Dns boolHostnames - A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
- Enable
Dns boolSupport - A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
- Enable
Network boolAddress Usage Metrics - Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
- Instance
Tenancy string - A tenancy option for instances launched into the VPC. Default is
default
, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option isdedicated
, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee. - Ipv4Ipam
Pool stringId - The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
- Ipv4Netmask
Length int - The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a
ipv4_ipam_pool_id
. - Ipv6Cidr
Block string - IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using
ipv6_netmask_length
. - Ipv6Cidr
Block stringNetwork Border Group - By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
- Ipv6Ipam
Pool stringId - IPAM Pool ID for a IPv6 pool. Conflicts with
assign_generated_ipv6_cidr_block
. - Ipv6Netmask
Length int - Netmask length to request from IPAM Pool. Conflicts with
ipv6_cidr_block
. This can be omitted if IPAM pool as aallocation_default_netmask_length
set. Valid values are from44
to60
in increments of 4. - Nat
Gateways NatGateway Configuration - Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
- Number
Of intAvailability Zones - A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- Subnet
Specs List<SubnetSpec> - A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Public subnets, and Isolated subnets are allocated last.
- Subnet
Strategy Pulumi.Awsx. Ec2. Subnet Allocation Strategy - The strategy to use when allocating subnets for the VPC. Optional. Defaults to
Legacy
. - Dictionary<string, string>
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Vpc
Endpoint List<VpcSpecs Endpoint Spec> - A list of VPC Endpoints specs to be deployed as part of the VPC
- Assign
Generated boolIpv6Cidr Block - Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is
false
. Conflicts withipv6_ipam_pool_id
- Availability
Zone intCidr Mask - The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
- Availability
Zone []stringNames - A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- Cidr
Block string - The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
- Enable
Dns boolHostnames - A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
- Enable
Dns boolSupport - A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
- Enable
Network boolAddress Usage Metrics - Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
- Instance
Tenancy string - A tenancy option for instances launched into the VPC. Default is
default
, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option isdedicated
, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee. - Ipv4Ipam
Pool stringId - The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
- Ipv4Netmask
Length int - The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a
ipv4_ipam_pool_id
. - Ipv6Cidr
Block string - IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using
ipv6_netmask_length
. - Ipv6Cidr
Block stringNetwork Border Group - By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
- Ipv6Ipam
Pool stringId - IPAM Pool ID for a IPv6 pool. Conflicts with
assign_generated_ipv6_cidr_block
. - Ipv6Netmask
Length int - Netmask length to request from IPAM Pool. Conflicts with
ipv6_cidr_block
. This can be omitted if IPAM pool as aallocation_default_netmask_length
set. Valid values are from44
to60
in increments of 4. - Nat
Gateways NatGateway Configuration Args - Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
- Number
Of intAvailability Zones - A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- Subnet
Specs []SubnetSpec Args - A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Public subnets, and Isolated subnets are allocated last.
- Subnet
Strategy SubnetAllocation Strategy - The strategy to use when allocating subnets for the VPC. Optional. Defaults to
Legacy
. - map[string]string
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Vpc
Endpoint []VpcSpecs Endpoint Spec Args - A list of VPC Endpoints specs to be deployed as part of the VPC
- assign
Generated BooleanIpv6Cidr Block - Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is
false
. Conflicts withipv6_ipam_pool_id
- availability
Zone IntegerCidr Mask - The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
- availability
Zone List<String>Names - A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- cidr
Block String - The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
- enable
Dns BooleanHostnames - A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
- enable
Dns BooleanSupport - A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
- enable
Network BooleanAddress Usage Metrics - Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
- instance
Tenancy String - A tenancy option for instances launched into the VPC. Default is
default
, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option isdedicated
, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee. - ipv4Ipam
Pool StringId - The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
- ipv4Netmask
Length Integer - The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a
ipv4_ipam_pool_id
. - ipv6Cidr
Block String - IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using
ipv6_netmask_length
. - ipv6Cidr
Block StringNetwork Border Group - By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
- ipv6Ipam
Pool StringId - IPAM Pool ID for a IPv6 pool. Conflicts with
assign_generated_ipv6_cidr_block
. - ipv6Netmask
Length Integer - Netmask length to request from IPAM Pool. Conflicts with
ipv6_cidr_block
. This can be omitted if IPAM pool as aallocation_default_netmask_length
set. Valid values are from44
to60
in increments of 4. - nat
Gateways NatGateway Configuration - Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
- number
Of IntegerAvailability Zones - A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- subnet
Specs List<SubnetSpec> - A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Public subnets, and Isolated subnets are allocated last.
- subnet
Strategy SubnetAllocation Strategy - The strategy to use when allocating subnets for the VPC. Optional. Defaults to
Legacy
. - Map<String,String>
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - vpc
Endpoint List<VpcSpecs Endpoint Spec> - A list of VPC Endpoints specs to be deployed as part of the VPC
- assign
Generated booleanIpv6Cidr Block - Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is
false
. Conflicts withipv6_ipam_pool_id
- availability
Zone numberCidr Mask - The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
- availability
Zone string[]Names - A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- cidr
Block string - The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
- enable
Dns booleanHostnames - A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
- enable
Dns booleanSupport - A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
- enable
Network booleanAddress Usage Metrics - Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
- instance
Tenancy string - A tenancy option for instances launched into the VPC. Default is
default
, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option isdedicated
, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee. - ipv4Ipam
Pool stringId - The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
- ipv4Netmask
Length number - The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a
ipv4_ipam_pool_id
. - ipv6Cidr
Block string - IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using
ipv6_netmask_length
. - ipv6Cidr
Block stringNetwork Border Group - By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
- ipv6Ipam
Pool stringId - IPAM Pool ID for a IPv6 pool. Conflicts with
assign_generated_ipv6_cidr_block
. - ipv6Netmask
Length number - Netmask length to request from IPAM Pool. Conflicts with
ipv6_cidr_block
. This can be omitted if IPAM pool as aallocation_default_netmask_length
set. Valid values are from44
to60
in increments of 4. - nat
Gateways NatGateway Configuration - Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
- number
Of numberAvailability Zones - A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- subnet
Specs SubnetSpec[] - A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Public subnets, and Isolated subnets are allocated last.
- subnet
Strategy SubnetAllocation Strategy - The strategy to use when allocating subnets for the VPC. Optional. Defaults to
Legacy
. - {[key: string]: string}
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - vpc
Endpoint VpcSpecs Endpoint Spec[] - A list of VPC Endpoints specs to be deployed as part of the VPC
- assign_
generated_ boolipv6_ cidr_ block - Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is
false
. Conflicts withipv6_ipam_pool_id
- availability_
zone_ intcidr_ mask - The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
- availability_
zone_ Sequence[str]names - A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- cidr_
block str - The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
- enable_
dns_ boolhostnames - A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
- enable_
dns_ boolsupport - A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
- enable_
network_ booladdress_ usage_ metrics - Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
- instance_
tenancy str - A tenancy option for instances launched into the VPC. Default is
default
, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option isdedicated
, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee. - ipv4_
ipam_ strpool_ id - The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
- ipv4_
netmask_ intlength - The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a
ipv4_ipam_pool_id
. - ipv6_
cidr_ strblock - IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using
ipv6_netmask_length
. - ipv6_
cidr_ strblock_ network_ border_ group - By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
- ipv6_
ipam_ strpool_ id - IPAM Pool ID for a IPv6 pool. Conflicts with
assign_generated_ipv6_cidr_block
. - ipv6_
netmask_ intlength - Netmask length to request from IPAM Pool. Conflicts with
ipv6_cidr_block
. This can be omitted if IPAM pool as aallocation_default_netmask_length
set. Valid values are from44
to60
in increments of 4. - nat_
gateways NatGateway Configuration Args - Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
- number_
of_ intavailability_ zones - A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- subnet_
specs Sequence[SubnetSpec Args] - A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Public subnets, and Isolated subnets are allocated last.
- subnet_
strategy SubnetAllocation Strategy - The strategy to use when allocating subnets for the VPC. Optional. Defaults to
Legacy
. - Mapping[str, str]
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - vpc_
endpoint_ Sequence[Vpcspecs Endpoint Spec Args] - A list of VPC Endpoints specs to be deployed as part of the VPC
- assign
Generated BooleanIpv6Cidr Block - Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is
false
. Conflicts withipv6_ipam_pool_id
- availability
Zone NumberCidr Mask - The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
- availability
Zone List<String>Names - A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- cidr
Block String - The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
- enable
Dns BooleanHostnames - A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
- enable
Dns BooleanSupport - A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
- enable
Network BooleanAddress Usage Metrics - Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
- instance
Tenancy String - A tenancy option for instances launched into the VPC. Default is
default
, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option isdedicated
, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee. - ipv4Ipam
Pool StringId - The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
- ipv4Netmask
Length Number - The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a
ipv4_ipam_pool_id
. - ipv6Cidr
Block String - IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using
ipv6_netmask_length
. - ipv6Cidr
Block StringNetwork Border Group - By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
- ipv6Ipam
Pool StringId - IPAM Pool ID for a IPv6 pool. Conflicts with
assign_generated_ipv6_cidr_block
. - ipv6Netmask
Length Number - Netmask length to request from IPAM Pool. Conflicts with
ipv6_cidr_block
. This can be omitted if IPAM pool as aallocation_default_netmask_length
set. Valid values are from44
to60
in increments of 4. - nat
Gateways Property Map - Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
- number
Of NumberAvailability Zones - A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
- subnet
Specs List<Property Map> - A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Public subnets, and Isolated subnets are allocated last.
- subnet
Strategy "Legacy" | "Auto" | "Exact" - The strategy to use when allocating subnets for the VPC. Optional. Defaults to
Legacy
. - Map<String>
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - vpc
Endpoint List<Property Map>Specs - A list of VPC Endpoints specs to be deployed as part of the VPC
Outputs
All input properties are implicitly available as output properties. Additionally, the Vpc resource produces the following output properties:
- Aws
Vpc Pulumi.Aws. Ec2. Vpc - The VPC. This type is defined in the AWS Classic package.
- Eips
List<Pulumi.
Aws. Ec2. Eip> - The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
- Internet
Gateway Pulumi.Aws. Ec2. Internet Gateway - The Internet Gateway for the VPC. This type is defined in the AWS Classic package.
- Isolated
Subnet List<string>Ids - Private
Subnet List<string>Ids - Public
Subnet List<string>Ids - Route
Table List<Pulumi.Associations Aws. Ec2. Route Table Association> - The Route Table Associations for the VPC.
- Route
Tables List<Pulumi.Aws. Ec2. Route Table> - The Route Tables for the VPC.
- Routes
List<Pulumi.
Aws. Ec2. Route> - The Routes for the VPC.
- Subnet
Layout List<ResolvedSubnet Spec> - The resolved subnet specs layout deployed to each availability zone.
- Subnets
List<Pulumi.
Aws. Ec2. Subnet> - The VPC's subnets.
- Vpc
Endpoints List<Pulumi.Aws. Ec2. Vpc Endpoint> - The VPC Endpoints that are enabled
- Vpc
Id string
- Eips Eip
- The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
- Internet
Gateway InternetGateway - The Internet Gateway for the VPC. This type is defined in the AWS Classic package.
- Isolated
Subnet []stringIds - Private
Subnet []stringIds - Public
Subnet []stringIds - Route
Table RouteAssociations Table Association - The Route Table Associations for the VPC.
- Route
Tables RouteTable - The Route Tables for the VPC.
- Routes Route
- The Routes for the VPC.
- Subnet
Layout []ResolvedSubnet Spec - The resolved subnet specs layout deployed to each availability zone.
- Subnets Subnet
- The VPC's subnets.
- Vpc Vpc
- The VPC. This type is defined in the AWS Classic package.
- Vpc
Endpoints VpcEndpoint - The VPC Endpoints that are enabled
- Vpc
Id string
- eips List<Eip>
- The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
- internet
Gateway InternetGateway - The Internet Gateway for the VPC. This type is defined in the AWS Classic package.
- isolated
Subnet List<String>Ids - private
Subnet List<String>Ids - public
Subnet List<String>Ids - route
Table List<RouteAssociations Table Association> - The Route Table Associations for the VPC.
- route
Tables List<RouteTable> - The Route Tables for the VPC.
- routes List<Route>
- The Routes for the VPC.
- subnet
Layout List<ResolvedSubnet Spec> - The resolved subnet specs layout deployed to each availability zone.
- subnets List<Subnet>
- The VPC's subnets.
- vpc Vpc
- The VPC. This type is defined in the AWS Classic package.
- vpc
Endpoints List<VpcEndpoint> - The VPC Endpoints that are enabled
- vpc
Id String
- eips
pulumi
Aws. Eip[] - The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
- internet
Gateway pulumiAws. Internet Gateway - The Internet Gateway for the VPC. This type is defined in the AWS Classic package.
- isolated
Subnet string[]Ids - private
Subnet string[]Ids - public
Subnet string[]Ids - route
Table pulumiAssociations Aws. Route Table Association[] - The Route Table Associations for the VPC.
- route
Tables pulumiAws. Route Table[] - The Route Tables for the VPC.
- routes
pulumi
Aws. Route[] - The Routes for the VPC.
- subnet
Layout ResolvedSubnet Spec[] - The resolved subnet specs layout deployed to each availability zone.
- subnets
pulumi
Aws. Subnet[] - The VPC's subnets.
- vpc
pulumi
Aws. Vpc - The VPC. This type is defined in the AWS Classic package.
- vpc
Endpoints pulumiAws. Vpc Endpoint[] - The VPC Endpoints that are enabled
- vpc
Id string
- eips
Sequence[pulumi_
aws.ec2. Eip] - The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
- internet_
gateway pulumi_aws.ec2. Internet Gateway - The Internet Gateway for the VPC. This type is defined in the AWS Classic package.
- isolated_
subnet_ Sequence[str]ids - private_
subnet_ Sequence[str]ids - public_
subnet_ Sequence[str]ids - route_
table_ Sequence[pulumi_associations aws.ec2. Route Table Association] - The Route Table Associations for the VPC.
- route_
tables Sequence[pulumi_aws.ec2. Route Table] - The Route Tables for the VPC.
- routes
Sequence[pulumi_
aws.ec2. Route] - The Routes for the VPC.
- subnet_
layout Sequence[ResolvedSubnet Spec] - The resolved subnet specs layout deployed to each availability zone.
- subnets
Sequence[pulumi_
aws.ec2. Subnet] - The VPC's subnets.
- vpc
pulumi_
aws.ec2. Vpc - The VPC. This type is defined in the AWS Classic package.
- vpc_
endpoints Sequence[pulumi_aws.ec2. Vpc Endpoint] - The VPC Endpoints that are enabled
- vpc_
id str
- eips List<aws::Eip>
- The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
- internet
Gateway aws::InternetGateway - The Internet Gateway for the VPC. This type is defined in the AWS Classic package.
- isolated
Subnet List<String>Ids - private
Subnet List<String>Ids - public
Subnet List<String>Ids - route
Table List<aws::RouteAssociations Table Association> - The Route Table Associations for the VPC.
- route
Tables List<aws::RouteTable> - The Route Tables for the VPC.
- routes List<aws::Route>
- The Routes for the VPC.
- subnet
Layout List<Property Map> - The resolved subnet specs layout deployed to each availability zone.
- subnets List<aws::Subnet>
- The VPC's subnets.
- vpc aws::Vpc
- The VPC. This type is defined in the AWS Classic package.
- vpc
Endpoints List<aws::VpcEndpoint> - The VPC Endpoints that are enabled
- vpc
Id String
Supporting Types
NatGatewayConfiguration, NatGatewayConfigurationArgs
- Strategy
Pulumi.
Awsx. Ec2. Nat Gateway Strategy - The strategy for deploying NAT Gateways.
- Elastic
Ip List<string>Allocation Ids - A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).
- Strategy
Nat
Gateway Strategy - The strategy for deploying NAT Gateways.
- Elastic
Ip []stringAllocation Ids - A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).
- strategy
Nat
Gateway Strategy - The strategy for deploying NAT Gateways.
- elastic
Ip List<String>Allocation Ids - A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).
- strategy
Nat
Gateway Strategy - The strategy for deploying NAT Gateways.
- elastic
Ip string[]Allocation Ids - A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).
- strategy
Nat
Gateway Strategy - The strategy for deploying NAT Gateways.
- elastic_
ip_ Sequence[str]allocation_ ids - A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).
- strategy
"None" | "Single" | "One
Per Az" - The strategy for deploying NAT Gateways.
- elastic
Ip List<String>Allocation Ids - A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).
NatGatewayStrategy, NatGatewayStrategyArgs
- None
- NoneDo not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
- Single
- SingleCreate a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
- One
Per Az - OnePerAzCreate a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.
- Nat
Gateway Strategy None - NoneDo not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
- Nat
Gateway Strategy Single - SingleCreate a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
- Nat
Gateway Strategy One Per Az - OnePerAzCreate a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.
- None
- NoneDo not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
- Single
- SingleCreate a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
- One
Per Az - OnePerAzCreate a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.
- None
- NoneDo not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
- Single
- SingleCreate a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
- One
Per Az - OnePerAzCreate a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.
- NONE
- NoneDo not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
- SINGLE
- SingleCreate a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
- ONE_PER_AZ
- OnePerAzCreate a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.
- "None"
- NoneDo not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
- "Single"
- SingleCreate a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
- "One
Per Az" - OnePerAzCreate a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.
ResolvedSubnetSpec, ResolvedSubnetSpecArgs
- Type
Pulumi.
Awsx. Ec2. Subnet Type - The type of subnet.
- Cidr
Blocks List<string> - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- Cidr
Mask int - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - Name string
- The subnet's name. Will be templated upon creation.
- Size int
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
- Type
Subnet
Type - The type of subnet.
- Cidr
Blocks []string - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- Cidr
Mask int - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - Name string
- The subnet's name. Will be templated upon creation.
- Size int
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
- type
Subnet
Type - The type of subnet.
- cidr
Blocks List<String> - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- cidr
Mask Integer - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - name String
- The subnet's name. Will be templated upon creation.
- size Integer
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
- type
Subnet
Type - The type of subnet.
- cidr
Blocks string[] - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- cidr
Mask number - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - name string
- The subnet's name. Will be templated upon creation.
- size number
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
- type
Subnet
Type - The type of subnet.
- cidr_
blocks Sequence[str] - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- cidr_
mask int - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - name str
- The subnet's name. Will be templated upon creation.
- size int
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
- type "Public" | "Private" | "Isolated" | "Unused"
- The type of subnet.
- cidr
Blocks List<String> - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- cidr
Mask Number - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - name String
- The subnet's name. Will be templated upon creation.
- size Number
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
SubnetAllocationStrategy, SubnetAllocationStrategyArgs
- Legacy
- LegacyGroup private subnets first, followed by public subnets, followed by isolated subnets.
- Auto
- AutoOrder remains as specified by specs, allowing gaps where required.
- Exact
- ExactWhole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.
- Subnet
Allocation Strategy Legacy - LegacyGroup private subnets first, followed by public subnets, followed by isolated subnets.
- Subnet
Allocation Strategy Auto - AutoOrder remains as specified by specs, allowing gaps where required.
- Subnet
Allocation Strategy Exact - ExactWhole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.
- Legacy
- LegacyGroup private subnets first, followed by public subnets, followed by isolated subnets.
- Auto
- AutoOrder remains as specified by specs, allowing gaps where required.
- Exact
- ExactWhole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.
- Legacy
- LegacyGroup private subnets first, followed by public subnets, followed by isolated subnets.
- Auto
- AutoOrder remains as specified by specs, allowing gaps where required.
- Exact
- ExactWhole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.
- LEGACY
- LegacyGroup private subnets first, followed by public subnets, followed by isolated subnets.
- AUTO
- AutoOrder remains as specified by specs, allowing gaps where required.
- EXACT
- ExactWhole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.
- "Legacy"
- LegacyGroup private subnets first, followed by public subnets, followed by isolated subnets.
- "Auto"
- AutoOrder remains as specified by specs, allowing gaps where required.
- "Exact"
- ExactWhole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.
SubnetSpec, SubnetSpecArgs
- Type
Pulumi.
Awsx. Ec2. Subnet Type - The type of subnet.
- Cidr
Blocks List<string> - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- Cidr
Mask int - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - Name string
- The subnet's name. Will be templated upon creation.
- Size int
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - Dictionary<string, string>
- A map of tags to assign to the resource.
- Type
Subnet
Type - The type of subnet.
- Cidr
Blocks []string - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- Cidr
Mask int - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - Name string
- The subnet's name. Will be templated upon creation.
- Size int
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - map[string]string
- A map of tags to assign to the resource.
- type
Subnet
Type - The type of subnet.
- cidr
Blocks List<String> - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- cidr
Mask Integer - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - name String
- The subnet's name. Will be templated upon creation.
- size Integer
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - Map<String,String>
- A map of tags to assign to the resource.
- type
Subnet
Type - The type of subnet.
- cidr
Blocks string[] - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- cidr
Mask number - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - name string
- The subnet's name. Will be templated upon creation.
- size number
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - {[key: string]: string}
- A map of tags to assign to the resource.
- type
Subnet
Type - The type of subnet.
- cidr_
blocks Sequence[str] - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- cidr_
mask int - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - name str
- The subnet's name. Will be templated upon creation.
- size int
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - Mapping[str, str]
- A map of tags to assign to the resource.
- type "Public" | "Private" | "Isolated" | "Unused"
- The type of subnet.
- cidr
Blocks List<String> - An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
- cidr
Mask Number - The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - name String
- The subnet's name. Will be templated upon creation.
- size Number
- Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the
cidrMask
,cidrBlocks
or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone. - Map<String>
- A map of tags to assign to the resource.
SubnetType, SubnetTypeArgs
- Public
- PublicA subnet whose hosts can directly communicate with the internet.
- Private
- PrivateA subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
- Isolated
- IsolatedA subnet whose hosts have no connectivity with the internet.
- Unused
- UnusedA subnet range which is reserved, but no subnet will be created.
- Subnet
Type Public - PublicA subnet whose hosts can directly communicate with the internet.
- Subnet
Type Private - PrivateA subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
- Subnet
Type Isolated - IsolatedA subnet whose hosts have no connectivity with the internet.
- Subnet
Type Unused - UnusedA subnet range which is reserved, but no subnet will be created.
- Public
- PublicA subnet whose hosts can directly communicate with the internet.
- Private
- PrivateA subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
- Isolated
- IsolatedA subnet whose hosts have no connectivity with the internet.
- Unused
- UnusedA subnet range which is reserved, but no subnet will be created.
- Public
- PublicA subnet whose hosts can directly communicate with the internet.
- Private
- PrivateA subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
- Isolated
- IsolatedA subnet whose hosts have no connectivity with the internet.
- Unused
- UnusedA subnet range which is reserved, but no subnet will be created.
- PUBLIC
- PublicA subnet whose hosts can directly communicate with the internet.
- PRIVATE
- PrivateA subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
- ISOLATED
- IsolatedA subnet whose hosts have no connectivity with the internet.
- UNUSED
- UnusedA subnet range which is reserved, but no subnet will be created.
- "Public"
- PublicA subnet whose hosts can directly communicate with the internet.
- "Private"
- PrivateA subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
- "Isolated"
- IsolatedA subnet whose hosts have no connectivity with the internet.
- "Unused"
- UnusedA subnet range which is reserved, but no subnet will be created.
VpcEndpointSpec, VpcEndpointSpecArgs
- Service
Name string - The service name. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>
(the SageMaker Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook
). - Auto
Accept bool - Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
- Dns
Options Pulumi.Aws. Ec2. Inputs. Vpc Endpoint Dns Options The DNS options for the endpoint. See dns_options below.
This type is defined in the AWS Classic package.
- Ip
Address stringType - The IP address type for the endpoint. Valid values are
ipv4
,dualstack
, andipv6
. - Policy string
- A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All
Gateway
and someInterface
endpoints support policies - see the relevant AWS documentation for more details. - Private
Dns boolEnabled - Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to
false
. - Route
Table List<string>Ids - One or more route table IDs. Applicable for endpoints of type
Gateway
. - Security
Group List<string>Ids - The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type
Interface
. If no security groups are specified, the VPC's default security group is associated with the endpoint. - Subnet
Configurations List<Pulumi.Aws. Ec2. Inputs. Vpc Endpoint Subnet Configuration> - Subnet configuration for the endpoint, used to select specific IPv4 and/or IPv6 addresses to the endpoint. See subnet_configuration below.
- Subnet
Ids List<string> - The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type
GatewayLoadBalancer
andInterface
. Interface type endpoints cannot function without being assigned to a subnet. - Dictionary<string, string>
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Vpc
Endpoint stringType - The VPC endpoint type,
Gateway
,GatewayLoadBalancer
, orInterface
. Defaults toGateway
.
- Service
Name string - The service name. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>
(the SageMaker Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook
). - Auto
Accept bool - Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
- Dns
Options VpcEndpoint Dns Options The DNS options for the endpoint. See dns_options below.
This type is defined in the AWS Classic package.
- Ip
Address stringType - The IP address type for the endpoint. Valid values are
ipv4
,dualstack
, andipv6
. - Policy string
- A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All
Gateway
and someInterface
endpoints support policies - see the relevant AWS documentation for more details. - Private
Dns boolEnabled - Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to
false
. - Route
Table []stringIds - One or more route table IDs. Applicable for endpoints of type
Gateway
. - Security
Group []stringIds - The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type
Interface
. If no security groups are specified, the VPC's default security group is associated with the endpoint. - Subnet
Configurations VpcEndpoint Subnet Configuration - Subnet configuration for the endpoint, used to select specific IPv4 and/or IPv6 addresses to the endpoint. See subnet_configuration below.
- Subnet
Ids []string - The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type
GatewayLoadBalancer
andInterface
. Interface type endpoints cannot function without being assigned to a subnet. - map[string]string
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Vpc
Endpoint stringType - The VPC endpoint type,
Gateway
,GatewayLoadBalancer
, orInterface
. Defaults toGateway
.
- service
Name String - The service name. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>
(the SageMaker Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook
). - auto
Accept Boolean - Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
- dns
Options VpcEndpoint Dns Options The DNS options for the endpoint. See dns_options below.
This type is defined in the AWS Classic package.
- ip
Address StringType - The IP address type for the endpoint. Valid values are
ipv4
,dualstack
, andipv6
. - policy String
- A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All
Gateway
and someInterface
endpoints support policies - see the relevant AWS documentation for more details. - private
Dns BooleanEnabled - Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to
false
. - route
Table List<String>Ids - One or more route table IDs. Applicable for endpoints of type
Gateway
. - security
Group List<String>Ids - The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type
Interface
. If no security groups are specified, the VPC's default security group is associated with the endpoint. - subnet
Configurations List<VpcEndpoint Subnet Configuration> - Subnet configuration for the endpoint, used to select specific IPv4 and/or IPv6 addresses to the endpoint. See subnet_configuration below.
- subnet
Ids List<String> - The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type
GatewayLoadBalancer
andInterface
. Interface type endpoints cannot function without being assigned to a subnet. - Map<String,String>
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - vpc
Endpoint StringType - The VPC endpoint type,
Gateway
,GatewayLoadBalancer
, orInterface
. Defaults toGateway
.
- service
Name string - The service name. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>
(the SageMaker Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook
). - auto
Accept boolean - Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
- dns
Options pulumiAws.types.input. Vpc Endpoint Dns Options The DNS options for the endpoint. See dns_options below.
This type is defined in the AWS Classic package.
- ip
Address stringType - The IP address type for the endpoint. Valid values are
ipv4
,dualstack
, andipv6
. - policy string
- A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All
Gateway
and someInterface
endpoints support policies - see the relevant AWS documentation for more details. - private
Dns booleanEnabled - Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to
false
. - route
Table string[]Ids - One or more route table IDs. Applicable for endpoints of type
Gateway
. - security
Group string[]Ids - The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type
Interface
. If no security groups are specified, the VPC's default security group is associated with the endpoint. - subnet
Configurations pulumiAws.types.input. Vpc Endpoint Subnet Configuration[] - Subnet configuration for the endpoint, used to select specific IPv4 and/or IPv6 addresses to the endpoint. See subnet_configuration below.
- subnet
Ids string[] - The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type
GatewayLoadBalancer
andInterface
. Interface type endpoints cannot function without being assigned to a subnet. - {[key: string]: string}
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - vpc
Endpoint stringType - The VPC endpoint type,
Gateway
,GatewayLoadBalancer
, orInterface
. Defaults toGateway
.
- service_
name str - The service name. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>
(the SageMaker Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook
). - auto_
accept bool - Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
- dns_
options pulumi_aws.ec2. Vpc Endpoint Dns Options Args The DNS options for the endpoint. See dns_options below.
This type is defined in the AWS Classic package.
- ip_
address_ strtype - The IP address type for the endpoint. Valid values are
ipv4
,dualstack
, andipv6
. - policy str
- A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All
Gateway
and someInterface
endpoints support policies - see the relevant AWS documentation for more details. - private_
dns_ boolenabled - Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to
false
. - route_
table_ Sequence[str]ids - One or more route table IDs. Applicable for endpoints of type
Gateway
. - security_
group_ Sequence[str]ids - The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type
Interface
. If no security groups are specified, the VPC's default security group is associated with the endpoint. - subnet_
configurations Sequence[pulumi_aws.ec2. Vpc Endpoint Subnet Configuration Args] - Subnet configuration for the endpoint, used to select specific IPv4 and/or IPv6 addresses to the endpoint. See subnet_configuration below.
- subnet_
ids Sequence[str] - The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type
GatewayLoadBalancer
andInterface
. Interface type endpoints cannot function without being assigned to a subnet. - Mapping[str, str]
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - vpc_
endpoint_ strtype - The VPC endpoint type,
Gateway
,GatewayLoadBalancer
, orInterface
. Defaults toGateway
.
- service
Name String - The service name. For AWS services the service name is usually in the form
com.amazonaws.<region>.<service>
(the SageMaker Notebook service is an exception to this rule, the service name is in the formaws.sagemaker.<region>.notebook
). - auto
Accept Boolean - Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
- dns
Options Property Map The DNS options for the endpoint. See dns_options below.
This type is defined in the AWS Classic package.
- ip
Address StringType - The IP address type for the endpoint. Valid values are
ipv4
,dualstack
, andipv6
. - policy String
- A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All
Gateway
and someInterface
endpoints support policies - see the relevant AWS documentation for more details. - private
Dns BooleanEnabled - Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to
false
. - route
Table List<String>Ids - One or more route table IDs. Applicable for endpoints of type
Gateway
. - security
Group List<String>Ids - The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type
Interface
. If no security groups are specified, the VPC's default security group is associated with the endpoint. - subnet
Configurations List<Property Map> - Subnet configuration for the endpoint, used to select specific IPv4 and/or IPv6 addresses to the endpoint. See subnet_configuration below.
- subnet
Ids List<String> - The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type
GatewayLoadBalancer
andInterface
. Interface type endpoints cannot function without being assigned to a subnet. - Map<String>
- A map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - vpc
Endpoint StringType - The VPC endpoint type,
Gateway
,GatewayLoadBalancer
, orInterface
. Defaults toGateway
.
Package Details
- Repository
- AWSx (Pulumi Crosswalk for AWS) pulumi/pulumi-awsx
- License
- Apache-2.0